I don’t really mind using shit software on work devices. Yes it’s slow and inefficient, I spent half an hour today on Windows doing what would be a very short command on Linux. Fuck it, get paid the same. I just use Linux at home in my own time.
I’ll point out better software exists. If I don’t get support in changing it or allowed to change it, fuck it. It’s on them at that point.
It depends…. Your company IT department can choose what types of 2FA are available to use and Microsoft Authenticator is separate from OTP and other methods, and it is possible to restrict them.
That’s also yet another reason why I force the issue of a company phone as part of my equipment to do my job.
Work isn’t an excuse unless your work is trying to cut corners by having you use your personal phone instead of providing a work one. In which case they deserve to be taught this lesson for being cheap as fuck.
Your IT should be issuing you a phone handled by MDM, which should be locked down and not allow you to use a rooted or jailbroken device anyway.
Nope, the Microsoft authenticator is slightly different, and other authenticators won’t work. I just went through this with my IT dep. Microsoft authenticator will sometimes pop the numbers up on the computer and make you enter it in the app, not the other way around.
Because I also have my normal phone as a backup for this purpose in case out in the field something happens to my work phone. And my personal phone is rooted.
The main problem as I see it is if I have to download authenticator onto my personal device because something has happened to my work device. That’s the only way I could see this being a problem since I use Graphene OS on my personal phone. Even then I would probably just use the authenticator on my work computer rather than going to that trouble.
Only if the company supports OTP methods for Entra login (logging in to M365 account).
But I’d say most don’t anymore, as there has been a push towards Microsoft Authenticators push-method for a while (where the website/app shows a number and you have to type it in to the authenticator), as it is a slightly safer method than OTP, and can be used passwordless.
It also made people ready for passkeys, as the authenticator supports easy activation off passkey on accounts that are saved with push-method (you pretty much just click a button in the app), and authenticator is easy to set up on the admin side if you require device bound and attestation for passkey.
Work
I don’t really mind using shit software on work devices. Yes it’s slow and inefficient, I spent half an hour today on Windows doing what would be a very short command on Linux. Fuck it, get paid the same. I just use Linux at home in my own time.
I’ll point out better software exists. If I don’t get support in changing it or allowed to change it, fuck it. It’s on them at that point.
You don’t need it for work. You can use any authenticator.
It depends…. Your company IT department can choose what types of 2FA are available to use and Microsoft Authenticator is separate from OTP and other methods, and it is possible to restrict them.
That’s also yet another reason why I force the issue of a company phone as part of my equipment to do my job.
my company IT can provide a phone
no work software is ever touching a personal phone
and work phones get shut off at closing
Work isn’t an excuse unless your work is trying to cut corners by having you use your personal phone instead of providing a work one. In which case they deserve to be taught this lesson for being cheap as fuck.
Your IT should be issuing you a phone handled by MDM, which should be locked down and not allow you to use a rooted or jailbroken device anyway.
Nope, the Microsoft authenticator is slightly different, and other authenticators won’t work. I just went through this with my IT dep. Microsoft authenticator will sometimes pop the numbers up on the computer and make you enter it in the app, not the other way around.
IIRC if you use M365 (i.e. Outlook), you can only use their authenticator app for MFA. Happy to be corrected though.
M365 can be used with other 2fa apps. But organisations can force the use of Microsoft Authenticator
Aegis works fine, as long as your organization allows standards compliant authenticators.
You can use other authenticators. I use ente auth for my microsoft account
My work MS account requires MS authenticator specifically, can’t use another 2fa app
I can’t. The authenticator for my job was set up on my work device by my IT department.
If your work requires you to have a Microsoft Authenticator-compatible device, they should provide you with one.
Which would never be rooted or jailbroken in the first place so why even bring it up in this this context?
Because I also have my normal phone as a backup for this purpose in case out in the field something happens to my work phone. And my personal phone is rooted.
Oh yeah I get it, I was mostly answering the “why bring it up”, since this whole chain of comments started because of the comment I quoted.
Sucks to have that. Have you tried asking IT if you could use a different one?
The main problem as I see it is if I have to download authenticator onto my personal device because something has happened to my work device. That’s the only way I could see this being a problem since I use Graphene OS on my personal phone. Even then I would probably just use the authenticator on my work computer rather than going to that trouble.
That sucks. I refused so they gave me a Yubikey instead.
I have a yubikey (two actually, one from a previous employer). New company won’t actually let me use it.
Depends on how your M365 tenant is configured. Both conditional access policies and authentication strengths can enforce the requirement
Only if the company supports OTP methods for Entra login (logging in to M365 account).
But I’d say most don’t anymore, as there has been a push towards Microsoft Authenticators push-method for a while (where the website/app shows a number and you have to type it in to the authenticator), as it is a slightly safer method than OTP, and can be used passwordless.
It also made people ready for passkeys, as the authenticator supports easy activation off passkey on accounts that are saved with push-method (you pretty much just click a button in the app), and authenticator is easy to set up on the admin side if you require device bound and attestation for passkey.
Then stop working for retards who support Nazis
I like the energy. But you took that from a 4 to a 10 fast.